Exploring BERT for Predicting Vulnerability Categories in Device Configurations
Dmitry Levshun, Dmitry Vesnin
2024
Abstract
Attack graphs have long been a popular method for modelling multistep attacks. They are useful for assessing the likelihood of network hosts being compromised and identifying attack paths with the highest probability and impact. Typically, this analysis relies on information about vulnerabilities from open databases. However, many devices are not included in these databases, making it impossible to utilize information about their vulnerabilities. To address this challenge, we are exploring different modifications of BERT in prediction of vulnerability categories in devices configurations. Our goal is to predict vulnerability categories in new versions of vulnerable systems or systems with configurations close to vulnerable ones. In this work, each device configuration is represented as a list of Common Platform Enumeration descriptions. We categorized vulnerabilities into 24 groups based on their access vector, initial access, and obtained access rights—metrics derived from the Common Vulnerabilities and Exposures within the Common Vulnerability Scoring System. During the experiments, we initially compared the performance of BERT, RoBERTa, XLM-RoBERTa, and DeBERTa-v3. Following this comparison, we used hyperparameter optimization for the model with the best performance in each metric prediction. Based on those predictions, we evaluated the performance of their combination in prediction of vulnerability categories.
DownloadPaper Citation
in Harvard Style
Levshun D. and Vesnin D. (2024). Exploring BERT for Predicting Vulnerability Categories in Device Configurations. In Proceedings of the 10th International Conference on Information Systems Security and Privacy - Volume 1: ICISSP; ISBN 978-989-758-683-5, SciTePress, pages 452-461. DOI: 10.5220/0012471800003648
in Bibtex Style
@conference{icissp24,
author={Dmitry Levshun and Dmitry Vesnin},
title={Exploring BERT for Predicting Vulnerability Categories in Device Configurations},
booktitle={Proceedings of the 10th International Conference on Information Systems Security and Privacy - Volume 1: ICISSP},
year={2024},
pages={452-461},
publisher={SciTePress},
organization={INSTICC},
doi={10.5220/0012471800003648},
isbn={978-989-758-683-5},
}
in EndNote Style
TY - CONF
JO - Proceedings of the 10th International Conference on Information Systems Security and Privacy - Volume 1: ICISSP
TI - Exploring BERT for Predicting Vulnerability Categories in Device Configurations
SN - 978-989-758-683-5
AU - Levshun D.
AU - Vesnin D.
PY - 2024
SP - 452
EP - 461
DO - 10.5220/0012471800003648
PB - SciTePress